# csrf_protect,为当前函数强制设置防跨站请求伪造功能,即便settings中没有设置全局中间件。 # csrf_exempt,取消当前函数防跨站请求伪造功能,即便settings中设置了全局中间件 from django.utils.decorators import method_decorator from django.views.decorators.csrf import csrf_exempt,csrf_protect # 在FBV中可以加在方法上 @method_decorator(csrf_exempt) def reg(request): ..... # 在CBV中必须加在dispatch上 # 方法一 class HomeView(View): @method_decorator(csrf_exempt) def dispatch(self, request, *args, **kwargs): # 在请求到来之前,都会执行dispatch函数 return super(HomeView, self).dispatch(request, *args, **kwargs) def get(self, request): return render(request, "home.html") def post(self, request): print("Home View POST method...") return redirect("/index/") # 方法二 @method_decorator(csrf_exempt,name='dispatch') class HomeView(View): def get(self, request): return render(request, "home.html") def post(self, request): print("Home View POST method...") return redirect("/index/")